Certbot/dns-route53 docker

Dear Community,

I'm trying to wrap my head around an issue with certificate renewals. I have a Docker container running certbot (certbot/dns-route53) which provisions certificates and renews them, and other containers running applications that use those certificates. The problem is, I haven't figured out how to reload the app inside the other containers, or restart the other containers, once the certs have been renewed. This is the only solution so far:

--renew-hook "/usr/bin/curl --unix-socket /var/run/docker.sock -X POST http:/v1.24/containers/<container>/restart"

I don't really like the above solution so I'm wondering if you have any other suggestions.
Also, it seems that the certbot/dns-route53 image doesn't come with curl binaries, so I would have to make a custom build in order to make it work.

Thanks!

I'm no Docker expert, but I think your solution is probably a very good one! Could maybe help other users of Dockerised certbot instances too.

I would not bother with the science behind "has the cert changed or not"...
And just schedule a get and reload once a week (or at whatever schedule works best for you).

I don't like this approach. Why would I restart something that doesn't need restarting?

A. How would you know it doesn't need to be restarted?
B. Have you heard of graceful restart OR reload?
